Tomcat
Professional
- Messages
- 2,689
- Reaction score
- 963
- Points
- 113
Carding is a type of fraud in which attackers, having fraudulently obtained your confidential data, in particular full payment card details, withdraw money from your accounts without your knowledge.
To get into the carders' zone of interest, you just need to use a bank card.
One of the methods that fraudsters use to gain access to card data is to hack the servers of an online store, payment and settlement systems. Using remote access programs and various malware (software), hackers can obtain important personal information about you and your payment card information.
What is carding?
Carders, that is, fraudsters hunting for other people's payment cards, can use attacks on their potential victims using various reading devices on ATMs, or remote attacks - phishing, vishing and others.
In the first case, a skimming device is used - this is a miniature device that is attached to an ATM and with which you can read information from a payment card. Banks, in turn, are constantly improving the level of their ATM systems and installing electronic means to protect them and detect skimmers. Therefore, thefts using skimmers are becoming less and less due to the improvement of the technical equipment of banks. In return, they get simulations of various situations with social engineering, when scammers try to gain the necessary access to confidential information, based on people's psychology.
Fraudsters show ingenuity, so do not succumb to provocations; maintain critical thinking in all situations.
What methods do carders use at a distance?
As for remote attacks, fraudsters come up with various ways to obtain payment card data and actively use modern technologies for these purposes. They just need to find out the card number and the three-digit code on its back (CVV/CVC code) to leave the owner of the “plastic” without funds. Fraudsters can steal your card, use its photograph, which you once posted on various sites, social networks or instant messengers, using a phishing site, that is, a clone site, for example, an online store, where you yourself indicated the full card details to purchase goods. Attackers can also use banking Trojans to remotely attack a card user, thus infecting computers and gadgets and penetrating a web browser to steal mobile banking application passwords, linked card numbers and other personal confidential information. To minimize the risk of password theft using the above method, it is better not to use the auto-save password function in the browser of gadgets (smartphones, computers, etc.); if necessary, check the current browser settings and disable this function.
If you notice that money has been debited from your card, contact the bank and law enforcement agencies.
How else do carders work?
Posing as bank employees, representatives of the security service of a financial organization, or law enforcement agencies, attackers may call you and, under various pretexts, try to force you to provide your payment card details. For example, they may say that you are currently under a hacker attack, and in order for the bank to take action, you urgently need to dictate the three numbers on the back of the card and the confirmation code from SMS.
Since the beginning of the pandemic, scammers have also been actively exploiting the coronavirus theme, be it free diagnostics, medical care, benefits, compensation, refunds for air tickets and much more. Older people most often trust such information, especially about various social benefits, and can provide callers with all the information on their cards.
Fraudsters can not only make threats, they also know how to give positive emotions so that you gain trust in them. To do this, they use social engineering methods. For example, they may report that you won a drawing held by their bank or organization, or in some other way you became the lucky winner of a valuable prize. Or they can say that the bank has upgraded you to the VIP client category and you will have the best service, high cashback and much more.
Fraudsters may ask you to install “special” software to “protect your funds.” In fact, these can be spyware, with the help of which attackers can find out your card details, take possession of your funds and easily issue a loan to you.
The main goal of attackers is to confuse you and evoke strong emotions: fear or joy, delight. As you know, people in this state are easier to manage.
If unknown people call you and start talking about money, it is better to end the conversation and call back the official numbers of the organization whose representative called you.
What to do if carders have obtained the necessary data?
Immediately contact the bank with a request to block the card, reporting fraudulent activity. The card will be reissued to you. Also change your password in your mobile banking app.
File a report about the theft of money from your card to law enforcement agencies. Be sure to keep a copy of the application with the registration number, because if fraudsters try to apply for a loan on you, you will be able to prove that you are not involved in it.
Is it possible to return money that the scammers managed to withdraw or transfer to another account?
Since 2016, the Law of the Republic of Kazakhstan “On Payments and Payment Systems” has been in force in Kazakhstan, according to which the return of funds for a money transfer is carried out in a number of cases, one of which is the establishment of the fact of unauthorized payment made by transfer of money. This fact is established after a thorough investigation conducted by the bank and law enforcement agencies.
The return of money for an unauthorized payment or transfer is carried out by the bank of the beneficiary, that is, the person in whose favor the payment or transfer of money is made, through the withdrawal of money from the bank account of the beneficiary to which the specified money was credited. Moreover, the consent of this person is not required. And the beneficiary’s bank makes a refund no later than the next business day from the date of discovery of this fact at the expense of the available money in the beneficiary’s bank account.
How to avoid becoming a victim of carding?
1. Use antivirus programs obtained from official sources that you can trust. To steal your bank card number using virus software, scammers will use various options: sending phishing links to your email address, sending SMS messages.
2. Update your device software promptly. Updates increase the level of its security against hacking.
3. Change passwords more often, use complex passwords with different symbols and numbers. The faster you detect a hack, the higher your chance of quickly responding and reducing the negative consequences of a fraudulent attack.
4. Recognize phishing. Do not click on suspicious links or download attachments from unknown sources, because the virus may be in a ZIP archive.
5. Set up SMS or PUSH notifications for your mobile banking apps to keep track of all your transactions.
(c) https://inbusiness.kz/ru/author_news/chto-takoe-karding-i-kak-mozhno-obezopasit-sebya-ot-nego
To get into the carders' zone of interest, you just need to use a bank card.
One of the methods that fraudsters use to gain access to card data is to hack the servers of an online store, payment and settlement systems. Using remote access programs and various malware (software), hackers can obtain important personal information about you and your payment card information.
What is carding?
Carders, that is, fraudsters hunting for other people's payment cards, can use attacks on their potential victims using various reading devices on ATMs, or remote attacks - phishing, vishing and others.
In the first case, a skimming device is used - this is a miniature device that is attached to an ATM and with which you can read information from a payment card. Banks, in turn, are constantly improving the level of their ATM systems and installing electronic means to protect them and detect skimmers. Therefore, thefts using skimmers are becoming less and less due to the improvement of the technical equipment of banks. In return, they get simulations of various situations with social engineering, when scammers try to gain the necessary access to confidential information, based on people's psychology.
Fraudsters show ingenuity, so do not succumb to provocations; maintain critical thinking in all situations.
What methods do carders use at a distance?
As for remote attacks, fraudsters come up with various ways to obtain payment card data and actively use modern technologies for these purposes. They just need to find out the card number and the three-digit code on its back (CVV/CVC code) to leave the owner of the “plastic” without funds. Fraudsters can steal your card, use its photograph, which you once posted on various sites, social networks or instant messengers, using a phishing site, that is, a clone site, for example, an online store, where you yourself indicated the full card details to purchase goods. Attackers can also use banking Trojans to remotely attack a card user, thus infecting computers and gadgets and penetrating a web browser to steal mobile banking application passwords, linked card numbers and other personal confidential information. To minimize the risk of password theft using the above method, it is better not to use the auto-save password function in the browser of gadgets (smartphones, computers, etc.); if necessary, check the current browser settings and disable this function.
If you notice that money has been debited from your card, contact the bank and law enforcement agencies.
How else do carders work?
Posing as bank employees, representatives of the security service of a financial organization, or law enforcement agencies, attackers may call you and, under various pretexts, try to force you to provide your payment card details. For example, they may say that you are currently under a hacker attack, and in order for the bank to take action, you urgently need to dictate the three numbers on the back of the card and the confirmation code from SMS.
Since the beginning of the pandemic, scammers have also been actively exploiting the coronavirus theme, be it free diagnostics, medical care, benefits, compensation, refunds for air tickets and much more. Older people most often trust such information, especially about various social benefits, and can provide callers with all the information on their cards.
Fraudsters can not only make threats, they also know how to give positive emotions so that you gain trust in them. To do this, they use social engineering methods. For example, they may report that you won a drawing held by their bank or organization, or in some other way you became the lucky winner of a valuable prize. Or they can say that the bank has upgraded you to the VIP client category and you will have the best service, high cashback and much more.
Fraudsters may ask you to install “special” software to “protect your funds.” In fact, these can be spyware, with the help of which attackers can find out your card details, take possession of your funds and easily issue a loan to you.
The main goal of attackers is to confuse you and evoke strong emotions: fear or joy, delight. As you know, people in this state are easier to manage.
If unknown people call you and start talking about money, it is better to end the conversation and call back the official numbers of the organization whose representative called you.
What to do if carders have obtained the necessary data?
Immediately contact the bank with a request to block the card, reporting fraudulent activity. The card will be reissued to you. Also change your password in your mobile banking app.
File a report about the theft of money from your card to law enforcement agencies. Be sure to keep a copy of the application with the registration number, because if fraudsters try to apply for a loan on you, you will be able to prove that you are not involved in it.
Is it possible to return money that the scammers managed to withdraw or transfer to another account?
Since 2016, the Law of the Republic of Kazakhstan “On Payments and Payment Systems” has been in force in Kazakhstan, according to which the return of funds for a money transfer is carried out in a number of cases, one of which is the establishment of the fact of unauthorized payment made by transfer of money. This fact is established after a thorough investigation conducted by the bank and law enforcement agencies.
The return of money for an unauthorized payment or transfer is carried out by the bank of the beneficiary, that is, the person in whose favor the payment or transfer of money is made, through the withdrawal of money from the bank account of the beneficiary to which the specified money was credited. Moreover, the consent of this person is not required. And the beneficiary’s bank makes a refund no later than the next business day from the date of discovery of this fact at the expense of the available money in the beneficiary’s bank account.
How to avoid becoming a victim of carding?
1. Use antivirus programs obtained from official sources that you can trust. To steal your bank card number using virus software, scammers will use various options: sending phishing links to your email address, sending SMS messages.
2. Update your device software promptly. Updates increase the level of its security against hacking.
3. Change passwords more often, use complex passwords with different symbols and numbers. The faster you detect a hack, the higher your chance of quickly responding and reducing the negative consequences of a fraudulent attack.
4. Recognize phishing. Do not click on suspicious links or download attachments from unknown sources, because the virus may be in a ZIP archive.
5. Set up SMS or PUSH notifications for your mobile banking apps to keep track of all your transactions.
(c) https://inbusiness.kz/ru/author_news/chto-takoe-karding-i-kak-mozhno-obezopasit-sebya-ot-nego
